View Single Post
Old 8th May 2012
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default Our continued imaginary conversation

Quote:
You unlock this door with the key of imagination. Beyond it is another dimension: a dimension of sound, a dimension of sight, a dimension of mind. You're moving into a land of both shadow and substance, of things and ideas. You've just crossed over into... the Twilight Zone.
In today's episode, I have imagined what it might have been like if you had begun playing with backup(8), restore(8), and the bsd.rd RAMDISK kernel and then found you had some specific questions.
Q: I've been practicing backups and I'm confused by the "dump levels". I know level 0 is a full backup but I do not understand the various other levels.

A: Only in combination with data stored in /etc/dumpdates from prior dumps (enabled with -u) will non-zero dump levels have any meaning. Simple example: Monthly level 0 full backups, weekly level 1 backup, daily level 2 backups. This is shown in the "1 2 2 2..." example in the dump(8) man page. The other examples in the man page show some other alternatives, and you can design a backup scenario to fit your own needs. Just make sure -u is included in your dump commands in your backup script.

Q: I've been playing with backup via nc(1) and ssh(1). Both options are working really well. However, I have been testing "bare metal" restores with qemu and I've discovered that neither network tool are available on the bsd.rd RAMDISK kernel. How are you able to restore over a network onto bare metal?

A: The RAMDISK kernel environment includes ftp(1). It can pipe output (via -o -) and supports FTP, HTTP, and even HTTPS if necessary. It's not easy to deploy client certificates for HTTPS, so if you need it to transit an insecure network I recommend restricting access to the HTTPS server by IP address.

Q: I also discovered why I need to mount /tmp disk to the RAMDISK kernel -- there's not enough free space on the ram disk for any temporary files used by restore(8). However my disk I'm restoring to is fully allocated. What do you do in this situation?

A: Your "b" partition is swap space, isn't it? If so, just format it with newfs(8) and mount it as /tmp.

Q: Cool! Wait..... Where do I find my disklabel if I didn't print it out on paper or write it all down, in advance? I don't have a "b" partition if the disk drive is empty.

A: You can restore your disklabels from a backup of the filesystem containing /var/backups -- a copy will be placed there by security(8) whenever one is not there or it notes a change.
On MBR architectures, start with fdisk(8) so that the disk can be made bootable. # fdisk -iy <drive> will create a default MBR with a single OpenBSD MBR partition for the entire drive.

Use disklabel(8) to create a partition. Format it with newfs(8). Then use mount(8) to mount it as /tmp. # cd /tmp and then restore(8) your /var/backups there.

Copy the disklabel file from /tmp into / so that you can dismount /tmp. You'll need to do that in order to use disklabel(8) to restore the disklabel from the file. There is very very little free space on the ramdisk kernel, but there should be enough to copy the disklabel prototype file there. If not, write down the partitions by hand.
Q: Um, what about my laptop? It doesn't run security(8) very often, because it is suspended or powered off over night.

A: Start daily(8) and weekly(8) manually on systems which are not normally powered on when not in use, or alter the schedule in root's crontab(1 and 5).

Q: Do you have a recommended schedule for backups?

A: That will depend entirely on your needs, which are unique to you and your systems. For convenience, you could start your backup script(s) from daily.local(5), weekly.local(5), monthly.local(5) if you have daily/weekly/montly backups. If you need other times of day or different schedules, just start your script(s) from within root's crontab(1 and 5).
Reply With Quote